Issues when building ziti locally

When I download the ZiTi source code and going to do the local Install, it shows the following error:

:~/Desktop/ziti-0.27.5$ go install ./ziti
go: downloading github.com/michaelquigley/pfxlog v0.6.9
go: downloading github.com/openziti/transport/v2 v2.0.51
...
...
(a lot of downloading)
...
...
go: downloading github.com/xeipuuv/gojsonpointer v0.0.0-20180127040702-4e3ac2762d5f
go install github.com/openziti/ziti/ziti: mkdir /home/saumya: permission denied
:~/Desktop/ziti-0.27.5$ ziti version
bash: ziti: command not found
:~/Desktop/ziti-0.27.5$ go build -o ./build/ziti ./ziti/
:~/Desktop/ziti-0.27.5$ ./build/ziti version
NAME             VERSION
ziti             v0.27.5
ziti-controller  not installed
ziti-prox-c      not installed
ziti-router      not installed
ziti-tunnel      not installed
ziti-edge-tunnel not installed
:~/Desktop/ziti-0.27.5$ go work init
go work use .
go work use ../edge
go: directory /home/klabzhao/Desktop/edge does not exist
:~/Desktop/ziti-0.27.5$ cat go.work
go 1.19

use .
:~/Desktop/ziti-0.27.5$ mkdir -p ./db

:~/Desktop/ziti-0.27.5$ ZITI_HOME=. \                              
ZITI_CTRL_LISTENER_ADDRESS=127.0.0.1 \
ZITI_CTRL_EDGE_LISTENER_HOST_PORT=127.0.0.1:1280 \
ZITI_EDGE_CTRL_ADVERTISED_HOST_PORT=127.0.0.1:1280 \
ZITI_CTRL_IDENTITY_CERT=./etc/ca/intermediate/certs/ctrl-client.cert.pem \
ZITI_CTRL_IDENTITY_SERVER_CERT=./etc/ca/intermediate/certs/ctrl-server.cert.pem \
ZITI_CTRL_IDENTITY_KEY=./etc/ca/intermediate/private/ctrl.key.pem \
ZITI_CTRL_IDENTITY_CA=./etc/ca/intermediate/certs/ca-chain.cert.pem \
ZITI_SIGNING_CERT=./etc/ca/intermediate/certs/intermediate.cert.pem \
ZITI_SIGNING_KEY=./etc/ca/intermediate/private/intermediate.key.decrypted.pem \
    ziti create config controller \
        --output ./db/ctrl-config.yml
bash:  : command not found
bash: ziti: command not found
:~/Desktop/ziti-0.27.5$ ls -a
.            CHANGELOG.md        db             .gitattributes  go.work        RELEASING.md  ziti-controller
..           changelogs          doc            .github         LICENSE        SECURITY.md   ziti-fabric-test
ADOPTERS.md  CODE_OF_CONDUCT.md  .dockerignore  .gitignore      network-tests  test          ziti-router
build        common              docker-images  go.mod          quickstart     version       ziti-tunnel
BUILD.md     CONTRIBUTING.md     etc            go.sum          README.md      ziti


I did all above following the instruction on 003-local-deploy.md and 002-local-dev.md. Some output look good, but some just not work out.
Is there any idea to fix ?

Hi @Nick, I moved this into a new topic. The output from ziti version is strange to me. I wouldn’t expect to see a version when built locally, i expect it to be 0.0.0.

Can you sum up what it is you’re having a challenge with? You are just looking to build things locally, right?

I downloaded source code from Releases · openziti/ziti · GitHub.
Then, Go 1.19 is installed:

:~$ go version
go version go1.19 linux/amd64

After that, I just started the steps in 002-local-dev.md, and run:
There is an error says ``permission denied"

:~/Desktop/ziti-0.27.5$ grep -Po '^go\s+\K\d+\.\d+(\.\d+)?$' go.mod
1.19

:~/Desktop/ziti-0.27.5$ go install ./ziti
go: downloading github.com/openziti/foundation v0.17.22
go install github.com/openziti/ziti/ziti: mkdir /home/saumya: permission denied


Then, I am not clear this line in the guide: "If you add ${GOPATH}/bin to your executable search ${PATH} then you may immediately run the newly-built binaries."

But, I still run the following :

:~/Desktop/ziti-0.27.5$ ziti version
bash: ziti: command not found

After this, it is the same with my previous situations.

I don't think we should be instructing you to install like that. Personally here is what I do;

git clone https://github.com/openziti/ziti.git
cd ziti
go build -o built ./...

after that you'll have a ziti binary in that folder and you can run it and it should show you v0.0.0:

root@8f41f9fa182a:/go/ziti# built/ziti version
NAME             VERSION
ziti             v0.0.0
ziti-controller  not installed
ziti-prox-c      not installed
ziti-router      not installed
ziti-tunnel      not installed
ziti-edge-tunnel not installed

As for this part of the guide:

“If you add ${GOPATH}/bin to your executable search ${PATH} then you may immediately run the newly-built binaries.”

That's just telling you that your built library can be put on your path. It's not vital.

Really it's just a few steps...

  • clone the repo
  • issue go build and output it to a known location
  • run the binary from the output location

Is that helpful? I'm going to put an issue in to rewrite 002-local-dev.md for simplicity...

Is there anything else you need help with? I'm happy to help you here as it makes senses and let it feed into any updates...

Thank you very much. Actually, I have few further questions.
Right now, I am going to read and understand the source code, because I want to modify and change some source code.
In this case, if I modify the source code, then I have to re-build and re-compile the source code again locally, right ?

you got it! :slight_smile: have fun!

If I do this every time:

git clone https://github.com/openziti/ziti.git

I think it will not apply my modification in the final software, right ?

Correct. You don’t want to clone every time.

clone the code one time, then: make changes, compile, run… repeat

Therefore, if I am going to compile it again, where should I start ?
Should I start from the guide file 002-local-dev.md" , and 003-local-deploy.md" ?
Or, there is other easy approach to re-compile ?

I’d suggest you start with Tutorials - The Go Programming Language. Once you’re more familiar with go, this will all make more sense.

And, I also have a general question:

Right now, I am doing the research on Zero trust network.
Is that possible to connect one ZiTi network/controller to another ZiTi network/controller ?

Probably not. It’s actually a really complex question that you’re asking. The simplest answer is just “no”. :slight_smile:

Yes sure.

I am not familiar with GO. I will spent more time with it and figure it out. I just enter this field of study for few weeks :slight_smile:

I might have some “stupid” questions, sorry about that. But, I will still put some effort on this.

Thank you for so much help.

Maybe I am not familiar with the code.
But, I think one Ziti network can be considered as a “service” to another Ziti network. Then, we can attach a Ziti network to another. It can make the ZiTi network more flexible or re-scalable.

Now, I am reading the code and trying to modify the code is for this purpose.

If you have any idea, such as, it is possible or not possible to do it, I will really appropriate it.

And, everybody can share some idea and discussion.

Thank you all

Curious question Nick, why are you trying to connect one ZiTi network/controller to another ZiTi network/controller? What are you trying to achieve?

What you’re describing is vague enough that it could cover a number of things. If you’re doing some research you could look into:

  1. Bridging ziti networks. This would involve a bridge application which was a member of both networks, either as an edge client (which would be pretty straightforward) or as a modified router (hard to say exactly how this would work.
  2. Multi-tenant ziti networks. This would involve a router mesh which could communicate with multiple controllers and handle traffic for them independently. This would actually be pretty straightforward until you get to nitty gritty, like making sure that reported metrics are segmented by network as well.

Enjoy your ziti research :slight_smile:

1 Like

Thank you guys!

And, the “Bridging ziti networks” and “Multi-tenant ziti networks” are exactly what I want !

Is there any similar project online ?

When I was running above commands, it shows following errors:

@:~/Desktop/new_ziti$ git clone https://github.com/openziti/ziti.git
Cloning into 'ziti'...
remote: Enumerating objects: 15130, done.
remote: Counting objects: 100% (901/901), done.
remote: Compressing objects: 100% (451/451), done.
remote: Total 15130 (delta 505), reused 780 (delta 430), pack-reused 14229
Receiving objects: 100% (15130/15130), 6.34 MiB | 4.58 MiB/s, done.
Resolving deltas: 100% (10062/10062), done.
@:~/Desktop/new_ziti$ cd ziti
@:~/Desktop/new_ziti/ziti$ go build -o built ./...
go: could not create module cache: mkdir /home/saumya: permission denied
go: could not create module cache: mkdir /home/saumya: permission denied
@:~/Desktop/new_ziti/ziti$

Is there any idea how to fix this?
Or, should I use sudo mode to run this command ?

Thank you

I/we really can’t help you out with too many go-related problems and this seems like a go problem. You should check that you have go installed properly… There are a lot of go-related posts on the internet about this. Here’s one that talks about GOMODCACHE. cmd/go: repeated, unhelpful errors when module cache can't be created · Issue #45113 · golang/go · GitHub

I suspect you have something wrong in your go env. For example if I search my go env for cache, i see:

$ go env | grep -i cache
GOCACHE="/home/cd/.cache/go-build"
GOMODCACHE="/home/cd/go/pkg/mod"

It seems like one or more go-related settings are causing problems and to be fair, I don’t know which. Sorry, I can’t help more.